Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:42775
HistoryAug 15, 2023 - 3:53 p.m.

Denial Of Service (DoS)

2023-08-1515:53:05
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
libbind9.so
denial of service
vulnerability
debug logging
assertion errors

6.6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:P/I:P/A:C

7 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

0.046 Low

EPSS

Percentile

92.6%

JSON

libbind9.so is vulnerable to Denial Of Service (DoS). The vulnerability exists when debug logging is turned on, due to assertion errors in render_ecs which allows an attacker to cause an application crash.

CPENameOperatorVersion
libbind9.sole141.0.4
libbind9.sole141.0.4

Related

f5 2
freebsd 1
cve 1
nvd 1
nessus 7
cvelist 1
openvas 5
prion 1
checkpoint_advisories 1
debiancve 1
ubuntucve 1
ibm 1
mageia 1
fedora 2
archlinux 1
slackware 1
amazon 1
gentoo 1
f5
f5
SOL86533083 - BIND vulnerability CVE-2015-8705
2016-01-19 00:00:00
K86533083 : BIND vulnerability CVE-2015-8705
2016-01-20 00:00:00
freebsd
freebsd
bind -- denial of service vulnerability
2016-01-19 00:00:00
cve
cve
CVE-2015-8705
2016-01-20 15:59:01
nvd
nvd
CVE-2015-8705
2016-01-20 15:59:01
nessus
nessus
FreeBSD : bind -- denial of service vulnerability (314830d8-bf91-11e5-96d6-14dae9d210b8)
2016-01-21 00:00:00
Fedora 23 : bind-9.10.3-10.P3.fc23 (2016-f3517b9c4c)
2016-03-04 00:00:00
ISC BIND 9.3.0 < 9.9.8-P3 / 9.9.x-Sx < 9.9.8-S4 / 9.10.x < 9.10.3-P3 Multiple DoS
2016-01-26 00:00:00
cvelist
cvelist
CVE-2015-8705
2016-01-20 15:00:00
openvas
openvas
ISC BIND Denial of Service Vulnerability (CVE-2015-8705)
2016-01-27 00:00:00
Mageia: Security Advisory (MGASA-2016-0030)
2016-01-21 00:00:00
Fedora Update for bind FEDORA-2016-1
2016-02-05 00:00:00
prion
prion
Authentication flaw
2016-01-20 15:59:00
checkpoint_advisories
checkpoint_advisories
ISC BIND buffer.c REQUIRE Assertion Failure Denial of Service (CVE-2015-8705)
2016-04-12 00:00:00
debiancve
debiancve
CVE-2015-8705
2016-01-20 15:59:01
ubuntucve
ubuntucve
CVE-2015-8705
2016-01-19 00:00:00
ibm
ibm
Security Bulletin: IBM i is affected by networking BIND vulnerabilities (CVE-2015-8704 and CVE-2015-8705).
2019-12-18 14:26:38
mageia
mageia
Updated bind packages fix security vulnerability
2016-01-20 20:53:26
fedora
fedora
[SECURITY] Fedora 23 Update: bind-9.10.3-10.P3.fc23
2016-01-24 03:35:29
[SECURITY] Fedora 22 Update: bind-9.10.3-8.P3.fc22
2016-02-02 00:56:54
archlinux
archlinux
bind: denial of service
2016-01-21 00:00:00
slackware
slackware
[slackware-security] bind
2016-02-23 19:50:34
amazon
amazon
Medium: bind
2016-01-19 12:00:00
gentoo
gentoo
BIND: Multiple vulnerabilities
2016-10-11 00:00:00

6.6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:P/I:P/A:C

7 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

0.046 Low

EPSS

Percentile

92.6%

JSON
Related for VERACODE:42775
f52freebsd1cve1nvd1nessus7cvelist1openvas5prion1checkpoint_advisories1debiancve1ubuntucve1ibm1mageia1fedora2archlinux1slackware1amazon1gentoo1